DETAILED ACTION

1. Claims 1-18 are pending in this application and presented for examination.

Objections 
Abstract 

2. The abstract of the disclosure is objected to because of the following informality: 
typographical or grammatical error line 14. "Prior to loading the executing the . . ." Appropriate 
correction is required. See MPEP § 608.01(b). 

Drawings 

3. The drawings are objected to because: Figures 1-4 should be designated by a legend such 
as -Prior Art- because only that which is old is illustrated. See MPEP § 608.02(g). Corrected 
drawings in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid 
abandonment of the application. The replacement sheet(s) should be labeled "Replacement 
Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the
drawing figures. If the changes are not accepted by the examiner, the applicant will be notified 
and informed of any required corrective action in the next Office action. The objection to the 
drawings will not be held in abeyance. 

Claim Objections 

4. Claims 1-7, and 9-16 are objected to because of the following informality: "the 
computer" (for example in: claim 1 lines 11 and 12; claim 2 lines 2-4; claim 3 lines 3-4; . . .
claim 9 line 10; claim 10 lines 2 and 4; . . . claim 16 lines 3-4), lacks antecedent basis. In order
to further prosecution, the examiner interpreted "the computer" in all claims as "the remote 
computer" for which antecedence is provided in independent claims 1 and 9. Appropriate 
correction is required. 

5. Claim 7 is objected to because of the following informalities: "the going-insecure 
message" lacks antecedent basis. In order to further prosecution, the examiner interpreted claim 
7 as depending from claim 6, which provides antecedent basis for the limitation. Appropriate 
correction is required. 

Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

7. Claims 1-5, 9, 11-14, 17, and 18 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Arbaugh et al., U.S. Patent No. 6,185,678 B1, (hereinafter "Arbaugh").

8. Regarding claim 1: Arbaugh discloses a monitor (col. 5 lines 15-19) that monitors the 
security state of a remote computer system (col. 5 lines 15-23), the monitor comprising: 

a computing device (Fig. 1C item 4); 

a communications medium interconnecting the computing device with the remote 
computer system (Fig. 1C item 24 and col. 7 lines 6-7); 



Application/Control Number: 10/693,182 Page 4 

Art Unit: 2196 

a pair of data-storage media each containing a sequence of encryption keys, one data- 
storage medium local to the monitor (col. 5 lines 20-23), and the other data-storage medium local 
to the remote computer system (col. 10 lines 44-51); and

a program, running on the computing device, that exchanges with the remote computer 
system (col. 4 lines 49-51), over the communications medium, messages encrypted using one or 
more encryption keys extracted from the data-storage medium local to the computer system in 
order to monitor the security state of the computer system (col. 4 lines 38-40). 

9. Regarding claim 9: Arbaugh discloses a method for monitoring (col. 5 lines 15-19) and 
reporting (col. 5 lines 18-19) the security state of a remote computer system, the method 
comprising: 

providing a monitor computing device (Fig. 1C item 4) interconnected with the remote 
computer system (col. 5 lines 20-23) by a communications medium (Fig. 1C item 24 and col. 7 
lines 6-7); 

providing a pair of data-storage media each containing a sequence of encryption keys 
(col. 5 lines 20-23 and col. 17 lines 36-37), one data-storage medium local to the monitor 
computing device (Fig. 1C item 4), and the other data-storage medium local to the remote 
computer system (col. 10 lines 50-51); and 

receiving messages from the remote computer system over the communications medium 
by the monitor (col. 6 lines 14-16) and, storing an indication, by the monitor, of the security 
state of the computer system determined by the monitor from the received messages (col. 14 
lines 43-45). 



10. Regarding claims 2 and 11: Arbaugh discloses that following power on or reset of the
computer system (col. 5 lines 15-17), while the computer system is in a relatively high-security 
state, the computer system sends an initial-authentication message to the monitor (col. 5 lines 21- 
23), encrypted with a next key extracted from the data-storage medium local to the computer 
system (col. 4 lines 43-45). 

11. Regarding claims 3 and 12: Arbaugh discloses that the monitor receives the initial-
authentication message (col. 5 line 21), decrypts the initial-authentication message (col. 4 lines
56-57), using a next key extracted from the data-storage medium local to the monitor, and stores
an indication that the computer system is in a relatively high-security state (col. 4 line 65).

12. Regarding claims 4 and 13: Arbaugh discloses that the remote computer collects security 
metrics (col. 4 lines 43-45), and includes the security metrics in the initial-authentication 
message (col. 4 lines 49-50). 

13. Regarding claims 5 and 14: Arbaugh discloses that the monitor receives the initial- 
authentication message (col. 21 lines 8-9) and extracts the security metrics in order to determine 
the security state of the computer system (col. 21 lines 9-12). 

14. Regarding claim 17: Arbaugh discloses computer instructions encoded in a computer- 
readable medium (col. 7 lines 36-37). 

15. Regarding claim 18: Arbaugh discloses a monitor that monitors the security state of a
computer system (col. 5 lines 15-19). 

Claim Rejections - 35 USC § 103

16. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

17. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Arbaugh in view 
of Abgrall et al., U.S. Patent Publication No. 2003/0037237 A1 (hereinafter "Abgrall").

18. Regarding claim 8: Arbaugh discloses that the data-storage media both contain 
encryption keys (col. 5 line 22 and col. 17 lines 36-37), and each of the data-storage media are 
one of: a compact disc (col. 6 line 59); a DVD disc (col. 6 line 59); an electronic memory (col. 7 
lines 1-2); and a magnetic disk (col. 6 lines 58-59). 

Arbaugh does not disclose that the keys are identical sequences. 

Abgrall teaches keys that are identical sequences (page 4, [0044], lines 5-6). 

Therefore, it would have been obvious to one skilled in the art at the time of the
invention to modify Arbaugh with the symmetric keys of Abgrall, capitalizing on the well known 
relative speed of symmetric keys to enhance the authentication system's efficiency. 

19. Claims 6-7, 10, 15, and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Arbaugh in view of Byers et al., U.S. Patent No. 6,959,184 B1, (hereinafter "Byers").

20. Regarding claims 6 and 15: Arbaugh discloses that while the computer system is in a 
relatively high-security state, prior to loading and/or executing an untrusted software program 
into memory (col. 10 lines 13-14), the computer system performing encryption with a current 
key extracted from the data-storage medium local to the computer system (col. 4 line 44). 

Arbaugh does not disclose the computer system sending a going-insecure message to the 
monitor. 

Byers teaches the computer system sending a going-insecure message to the monitor (col. 
1-2, lines 67-2). 

Therefore, it would have been obvious to one skilled in the art at the time of the invention 
to modify Arbaugh with the active notification of insecurity taught by Byers in order to alert all 
networked nodes of a particular node's insecure state. 

21. Regarding claims 7 and 16: Arbaugh discloses that the monitor decrypts the initial- 
authentication message (col. 4 lines 56-57) using a current key extracted from the data-storage 
medium local to the monitor (col. 5 line 22), and stores an indication that the computer system is
in a relatively low-security state (col. 14 lines 43-45). 

Arbaugh does not disclose the monitor receiving a going-insecure message. 

Byers teaches the monitor receiving a going-insecure message (col. 2 lines 4-5). 

Therefore, it would have been obvious to one skilled in the art at the time of the invention 
to modify Arbaugh with the active notification of insecurity taught by Byers in order to alert all 
networked nodes of a particular node's insecure state. 

22. Regarding claim 10: Arbaugh does not disclose that the monitor receives a request for 
information about the security state of the computer system, and replies with a security-status- 
inquiry-response message based on a determined security state of the computer system. 

Byers teaches that the monitor receives a request for information about the security state 
of the computer system (col. 4 lines 41-42), and replies with a security-status-inquiry-response 
message (col. 5 lines 2-3) based on a determined security state of the computer system (col. 4 
lines 45-46). 

Therefore, it would have been obvious to one skilled in the art at the time of the invention 
to modify Arbaugh with the active notification of insecurity taught by Byers in order to alert all 
networked nodes of a particular node's insecure state. 

Conclusion 

23. The prior art made of record and not relied upon that is considered pertinent to applicant's
disclosure is:

• "Building a Foundation of Trust in the PC," Trusted Computing Platform Alliance,
January 2000.

• Clark et al., "BITS: A Smartcard Protected Operating System," Communications of the
ACM, November 1994, vol. 37 n. 11, pp. 66-70, 94.

• Schneier, "Applied Cryptography," John Wiley and Sons, Inc., 1996, p. 216.

• Allen et al., U.S. Patent No. 5,404,532, regarding a persistent/impervious event
forwarding discriminator.

• Clark, U.S. Patent No. 5,892,902, regarding intelligent token protected system with
network authentication.

• Cromer et al., U.S. Patent Publication No. 2003/0159056 A1, regarding a method and
system for securing enablement access to a data security device.

• Khanna et al., U.S. Patent Publication No. 2005/0071677 A1, regarding a method to
authenticate clients and hosts to provide secure network boot.

• Slater et al., U.S. Patent Publication No. 2003/0028829 A1, regarding remote monitoring
of computer devices.

Please direct any inquiry concerning this communication or earlier communications from 
the examiner to Bea Koempel-Thomas whose telephone number is 571-270-1252. The examiner 
can normally be reached on Monday - Thursday & alternate Fridays; 0730 - 1700. 

If attempts to reach the examiner by telephone are unsuccessful, please contact the 
examiner's supervisor, Nabil El-Hady, on 571-272-3963. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




